/// <summary>
/// Checks a candidate password against a stored hash/salt pair.
/// </summary>
/// <param name="password">The candidate password to verify.</param>
/// <param name="hashPassword">The stored password hash.</param>
/// <param name="salt">The salt the stored hash was produced with.</param>
/// <returns><c>true</c> when <see cref="HashedPassword.Check"/> accepts the password, otherwise <c>false</c>.</returns>
public static bool VerifyPassword(string password, string hashPassword, string salt)
    => new HashedPassword(hashPassword, salt).Check(password);
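/// <summary>
/// Signs a user in with the cookie authentication scheme: looks the account up by
/// email, optionally verifies the supplied password against the stored hash, and
/// issues a cookie carrying email, id and role claims.
/// </summary>
/// <param name="user">Supplies <c>Email</c> and, in <c>PassWordHash</c>, the value that is
/// checked against the stored hash (the field name is misleading: only the stored value is hashed).</param>
/// <param name="httpContext">Request context the authentication cookie is issued on.</param>
/// <param name="rememberMe">Sets <see cref="AuthenticationProperties.IsPersistent"/> on the issued cookie.</param>
/// <param name="validPassword">When <c>false</c> the password check is skipped and the account is
/// signed in on the strength of its email alone; callers must only pass <c>false</c> after the
/// user has been verified by some other means.</param>
/// <returns><c>true</c> once the sign-in cookie has been issued; failures surface as exceptions.</returns>
/// <exception cref="_400Exception">No account has the given email.</exception>
/// <exception cref="_401Exception">The password does not match the stored hash.</exception>
public async ValueTask<bool> SignInAsync(RmanagerUser user, HttpContext httpContext, bool rememberMe = true, bool validPassword = true)
{
    var account = await GetUserByEmailAsync(user.Email);
    if (account == null)
    {
        // NOTE(review): reporting "unknown email" (400) and "wrong password" (401) as
        // different responses lets an unauthenticated caller learn which addresses are
        // registered; answering both with the same 401 would close that gap.
        throw new _400Exception("Cannot find the Email!");
    }

    bool auth = true;
    if (validPassword)
    {
        // Stored format: the first 32 characters are the hash, the remainder is the salt.
        var hash = account.PassWordHash.Substring(0, 32);
        var salt = account.PassWordHash.Substring(32);
        auth = new HashedPassword(hash, salt).Check(user.PassWordHash);
    }

    if (!auth)
    {
        throw new _401Exception("Password and email do not match!");
    }

    var authProperties = new AuthenticationProperties
    {
        // AuthenticationProperties exposes many more settings; only persistence is used here.
        IsPersistent = rememberMe,
    };

    // Claims the cookie will carry: the email, the user id as the Name claim,
    // and one Role claim per stored role.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Email, account.Email),
        new Claim(ClaimTypes.Name, account.Id.ToString()),
    };
    foreach (var role in account.Roles)
    {
        claims.Add(new Claim(ClaimTypes.Role, role));
    }

    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
    await httpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity),
        authProperties);
    return true;
}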
/// <summary>
/// Answers whether <paramref name="password"/> matches the stored hash of the account
/// registered under <paramref name="email"/>.
/// </summary>
/// <param name="email">Email of the account to check.</param>
/// <param name="password">Candidate password.</param>
/// <returns>
/// <c>true</c> only when the lookup succeeds and the password verifies. Every exception
/// raised by the lookup or the hash check (e.g. a stored hash shorter than 32 characters,
/// or presumably a storage failure) is swallowed and reported as <c>false</c>, so callers
/// cannot distinguish a wrong password from an unavailable store.
/// </returns>
public async ValueTask<bool> ChallengeAsync(string email, string password)
{
    try
    {
        var stored = await FindFirstAsync(u => u.Email == email, u => u.PassWordHash);
        // Stored format: the first 32 characters are the hash, the rest is the salt.
        var verifier = new HashedPassword(stored.Substring(0, 32), stored.Substring(32));
        return verifier.Check(password);
    }
    catch (Exception)
    {
        return false;
    }
}
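/// <summary>
/// 2019/10/21 created
/// signIn function: looks the account up by email, requires a confirmed email,
/// optionally checks the password, then hands off to <see cref="SignInWithoutCheckAsync"/>.
/// </summary>
/// <param name="user">should at least contain email and password!</param>
/// <param name="httpContext">current httpcontext</param>
/// <param name="rememberMe">forwarded unchanged to <see cref="SignInWithoutCheckAsync"/></param>
/// <param name="validatePassword">when <c>false</c> the password is not checked and a confirmed
/// account is signed in by email alone; only pass <c>false</c> after the user was verified another way</param>
/// <returns>indicates whether the signin operation is successful</returns>
/// <exception cref="_401Exception">the email lookup failed, or the password does not match</exception>
/// <exception cref="_403Exception">the account's email is not confirmed</exception>
public async ValueTask<bool> SignInAsync(TUser user, HttpContext httpContext, bool rememberMe = true, bool validatePassword = true)
{
    // Declared unassigned: the catch below always throws, so `account` is definitely
    // assigned after the try and no throwaway TUser instance is needed.
    TUser account;
    try
    {
        account = await collection.Find(a => a.Email == user.Email).FirstAsync();
    }
    catch (Exception)
    {
        // NOTE(review): any failure of the lookup, not only "no match", is reported
        // as an unknown email; a narrower catch would keep storage errors visible.
        throw new _401Exception("Cannot find the Email!");
    }

    if (!account.IsEmailConfirmed /* && services.env.IsDevelopment()*/)
    {
        throw new _403Exception("Email Not Confirmed, or you are reseting the password");
    }

    bool auth = true;
    if (validatePassword)
    {
        // Stored format: the first 32 characters are the hash, the remainder is the salt.
        var hash = account.PassWordHash.Substring(0, 32);
        var salt = account.PassWordHash.Substring(32);
        auth = new HashedPassword(hash, salt).Check(user.PassWordHash);
    }

    if (!auth)
    {
        throw new _401Exception("Password and email do not match!");
    }

    await SignInWithoutCheckAsync(httpContext, account, rememberMe);
    return true;
}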